A draft of a healthcare-specific version of the upcoming NIST Cybersecurity Framework will be unveiled this fall. Find out why some CISOs say it could help them address specific data security concerns.
How were four Russians and a Ukrainian allegedly able to steal more than 160 million payment card numbers from corporate networks over seven years? An indictment announced by U.S. Attorney Paul J. Fishman provides details.
By being transparent, federal government agencies can minimize public concern that government monitors individual speech and action on social media, new guidance from the U.S. federal CIO Council advises.
Under HIPAA Omnibus, many cloud computing providers are considered business associates directly liable for HIPAA compliance. What safeguards to protect health data should covered entities expect cloud providers to implement?
In this week's roundup, University of Virginia students' Social Security numbers were exposed on mailed health insurance brochures. Also, a California hospital reports a case of inappropriate records access by a staff member.
Federal authorities have indicted five Russians and Ukrainians linked to Heartland hacker Albert Gonzalez for the roles they allegedly played in a credit and debit card fraud scheme that compromised more than 160 million cards.
The National Security Agency is piloting a new program, as a result of the Edward Snowden incident, in which systems administrators with top-secret clearance can access certain secret documents only with the approval of another colleague.
A former respiratory therapist has pleaded guilty in an ID theft case involving more than 800 patient records. A security expert explains why detecting insider fraud can be difficult and offers prevention tips.
What can the Food and Drug Administration do to improve the security of medical devices? Sharon Finney, data security leader at Adventist Health System, offers her insights and also describes her organization's security efforts.
Under the new HIPAA Omnibus Rule, business associates and their subcontractors are now directly liable for HIPAA compliance. But what kinds of companies meet the definition of a business associate? Privacy attorney Stephen Wu explains.